Data

Tools

Indexes

Applications

Experiments

Dependabot

An open index of dependabot pull requests across open source projects.

serve-static

Ecosystem:
npm
Package URL:
pkg:npm/serve-static
Total PRs:
2,227 Dependabot PRs
Latest PR:
about 1 hour ago
Unique Repositories:
1,839 repositories
Unique Repos (30 days):
243 repositories
Security Advisories
Open Redirect in serve-static
GHSA-c3x7-gjmx-r2ff CVE-2015-1164 LOW published about 5 years ago • updated about 1 month ago
Versions of `serve-static` prior to 1.6.5 ( or 1.7.x prior to 1.7.2 ) are affected by an open redirect vulnerability on some browsers when configur...
serve-static vulnerable to template injection that can lead to XSS
GHSA-cm22-4g7w-348p CVE-2024-43800 LOW published about 1 year ago • updated about 1 month ago
### Impact passing untrusted user input - even after sanitizing it - to `redirect()` may execute untrusted code ### Patches this issue is patche...
Recent PRs (filtered by: Patch PRs )
RSS Feed Clear filter
Bump send and serve-static

future-architect/future-architect.github.io #1592

1.16.0 → 1.16.2 Patch PR
Merged 22 days ago
future-architect
Bump send and serve-static in /client

yuanyu90221/RnPos #98

1.16.0 → 1.16.2 Patch PR
Merged about 2 months ago
yuanyu90221
Package Details
Name: serve-static
Ecosystem: npm
PURL Type: npm
Package URL: pkg:npm/serve-static
JSON API: View JSON
Security Advisories

2

Active advisories
LOW 2
View All npm Advisories
Package Information
Description:

Serve static files

Repository: https://github.com/expressjs/serve-static
Homepage: https://github.com/expressjs/serve-static#readme
Latest Release: 2.2.0
6 months ago
Dependent Repos: 4,975,561
Dependent Packages: 5,768
Downloads: 166,108,478
Ranking: Top 0.0003% by dependent repos Top 0.0102% by downloads Top 0.0158% by dependent pkgs
PR Status
Open 1,202 (54.0%)
Merged 265 (11.9%)
Closed 509 (22.9%)
PR Types
Removal 13 (0.6%)
Minor 1,866 (83.9%)
Major 50 (2.2%)
Patch 2 (0.1%)